SoylentNews is people

posted by martyb on Friday November 10 2017, @02:14AM
from the hardware-wants-to-be-free? dept.

It looks like it's nearly game over for the Intel Management Engine:

Positive Technologies, which in September said it has a way to attack the Intel Management Engine, has dropped more details on how its exploit works.

The firm has already promised to demonstrate [a] God-mode hack in December 2017, saying the bug "allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard".

For some details, we'll have to wait, but what's known is bad enough: Intel Management Engine (IME) talks to standard Joint Test Action Group (JTAG) debugging ports. As [does] USB, so Positive Technologies researchers put the two together and crafted a way to access IME from the USB port.

[...] The latest attack came to Vulture South's attention via a couple of Tweets:

Game over! We (I and @_markel___ ) have obtained fully functional JTAG for Intel CSME via USB DCI. #intelme #jtag #inteldci pic.twitter.com/cRPuO8J0oG

— Maxim Goryachy (@h0t_max) November 8, 2017

Full access the Intel ME( >=Skylake) by JTAG debugging via USB DCI https://t.co/TMvOirXOVI @ptsecurity @h0t_max @_markel___

— Hardened-GNU/Linux (@hardenedlinux) November 8, 2017

The linked blog post [in Russian] explains that since Skylake, the PCH – Intel's Platform Controller Hub, which manages chip-level communications – has offered USB access to JTAG interfaces that used to need specialised equipment. The new capability is DCI, Direct Connect Interface.

Reddit discussion linked by LoRdTAW in a journal.

Previously: Intel Management Engine Partially Defeated
Disabling Intel ME 11 Via Undocumented Mode
How-To: Disabling the Intel Management Engine
Andrew Tanenbaum's Open Letter to Intel About MINIX 3


  • (Score: 2) by drussell on Friday November 10 2017, @03:44AM (3 children)

    So when will people wise up to the fact that obfuscated garbage like this is less secure, not a magical panacea of cyber security and everything-under-the-sun management goodness?!

    Oh, wait... "They're" already trying to claw back the allowance of decent encryption... I'd be willing to bet that in the current environment we wouldn't even have been allowed to use 128 bit DES back in the day, even in North America...

    :facepalm:

    Certainly Microsoft would have at least got smacked down for making it too "easy" to encrypt things "securely" by including the 128-bit update with IE, where it would be far too easy to accidentally be exported to rogue nations when people tried to update their browser version....

    Half of the people reading this probably weren't even alive when we had to deal with 56-bit vs 128-bit encryption in our OS and the fledgling "browser" market?

    I ran Mosaic on a 286 on a serial Lantastic LAN, for fuck's sake.... GET OFF MY LAWN!!!

    Grrrrrrrrrrr!!!

  • (Score: 5, Touché) by takyon on Friday November 10 2017, @04:16AM (1 child)

    > So when will people wise up to the fact that obfuscated garbage like this is less secure, not a magical panacea of cyber security and everything-under-the-sun management goodness?!

    Sometime after they realize that every processor on the market has these backdoors.

    So, never.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
    • (Score: 3, Interesting) by Anonymous Coward on Friday November 10 2017, @12:46PM

      I have had this EXACT discussion with people on Tor and I2P over the past 5ish years.

      Few of them were concerned with this, even among the actual developers of the software.

      'Is it safe to allow nodes running on virtual hosting in data centers'? Is it safe to run this software on Windows 10 (7,8,8.1 after telemetry). Is it safe to run this software on a cell phone where the baseband might have full access to main memory?

      All of these privacy networks have been running on blind faith for the past 5-10 years. At this point in time it is only safe to assume the capability for enough nodes to be compromised to provide keys off quite a few relays, which means even if they don't have access to your communications they may have enough information to infer which nodes traffic is passing between, at which point finding say a server node for an 'illegal' darknet website, whether Silk Road (or modern equivalent) or a site protesting against government censorship and abuse.

      And when those networks run out and the majority of nodes are compromised, and reporting session keys back, the whole peer to peer anonymity mesh breaks down, and there is neither the developers nor hardware left to recreate it.

      We are close to that point today, and unless both secure hardware and developers with the wherewithal to create the necessary secure and anonymous software take up the torch from their forebears, we are heading for the sort of nightmarish dystopia we will have a hard time if ever escaping from.

      Think about what you can do if privacy, data security, anonymity and freedom are more important to you than groupthink and physical safety and security, because the time is fast approaching where you will have to choose one or the other and you will be saddled with the consequences of that choice.

  • (Score: 2, Insightful) by Anonymous Coward on Friday November 10 2017, @07:02AM

    >So when will people wise up to the fact that obfuscated garbage like this is less secure, not a magical panacea of cyber security and everything-under-the-sun management goodness?!

    Nobody ever thought IME was a feature built for consumers.
    It is a backdoor, or when breached it is a wonderful way of enforcing obsolescence.